CloudGuard Network Security with Threat Prevention and SandBlast
Check Point Software Technologies | R81.20-631.1544Linux/Unix, Other Gaia 3.10 - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Seemless zero day security that can stop day 0 attacks
What do you like best about the product?
The Sandblast network delivers true zero day protection to your network that can stop the first outbreak of an attack. Nothing is allowed into the network until Sandblast says that its ok
What do you dislike about the product?
Only included on the upper tier of licenses so it can be expensive to maintain across your entire network and for east-west traffic. Would be good to see lower tiers of the product.
What problems is the product solving and how is that benefiting you?
Zero day attacks. Unknown files, direct attacks, spear campaigns are all a worry for normal anti-virus products to stop, but Sandblast is able to stop them in real time
- Leave a Comment |
- Mark review as helpful
Best protection at value for money
What do you like best about the product?
Non intrusive advanced threat protection (including 0 day threats) with a high detection and low false positives
What do you dislike about the product?
Initial configuration is not straight forward if you don't have experience in checkpoint products. There is a best practices guide but not easy to find
What problems is the product solving and how is that benefiting you?
Our corporation is now protected about threats that could be hidden in important documents (office, PDF, etc.) that standard antivirus/antimalware does not even detect. We have the benefit of knowing that we are protected again 0 day threats.
Recommendations to others considering the product:
It's important to take care about the future easy of admin/use and against other more intrusive software
Preventing Malicious files
What do you like best about the product?
The way that SanBlast Cloud emulates the downloads when all work personal try to download any software from the internet service protecting the LAN environment within our infrastructure
What do you dislike about the product?
The high performance that it takes when Threat Emulation is enabled, and some times this affects our operations with some latency issues when they try to navigate to the internet service
What problems is the product solving and how is that benefiting you?
We currently use Check Point Sanblast on the direct usage to grant access to the internet service so all traffic can be inspected through the firewall SandBlast Device
solid and reliable solution
What do you like best about the product?
Sandblast network can be used in a private network or in the cloud with the same features. There are several companies that do not have this option available. As the current trend is the cloud, on-premise solutions lack many features. For the cloud usage called TX is very easy to activate within several clicks, then it's working. Licensing is simple. TE gives you broad coverage for 0 days of several protocols. Threat extraction is unique; even some vendors have dedicated solutions for the extraction of pds and macros. TEX does not damage the original files. MacOS support is a big plus as MacOS support of related security services is lacking, MacOS TE support gives us confidence. I do not need to invest in an additional sandboxing product with TX. I have one platform to cover all network security solutions.
What do you dislike about the product?
TX annual pricing is costly compared to the initial investment of the product. In case of problems related to TX, support always directs it to the latest HFA, even to the new version. I see in some cases, the TE process hangs and needs to be restarted. You don't get regular updates if the ATP vectors are covered with TX. There's no specific service to use the sandblast networking in the cloud just for info exchange or api. I can't track or query our uploaded data to the cloud.
What problems is the product solving and how is that benefiting you?
It provides us integrated solution covering the latest threat and attack vectors at the networking layer. It's really detecting, blocking even mitigating the attacks at the boundary. Targeted attacks through the phishing emails can easily be stopped with TX. Reporting through the smartevent module is fantastic. I don't see any difference using just TX or a couple of sandboxing in the service chain as the TX already detects and blocks the threat.
Recommendations to others considering the product:
You need to open SSL inspection on the gateway. Otherwise, there's no meaning to use Sadblast networking. Achieve files should be analyzed in the SandBlast. Sizing should be done properly before deployment. Purchase the TX with 3-year subscription; 1-year initial purchase than the consecutive years is costly.
No patience for 0.Day
What do you like best about the product?
Check Point differentiates with its zero-day protection. Static analyses, dynamic analyses,CPU-level protection, plus sandboxing engine. With these capabilities, the product can hold malwares even at first time . No gap for security.
What do you dislike about the product?
Forensics reports can be more detailed like Check Point do for Endpoints.
What problems is the product solving and how is that benefiting you?
Can protect network at the most external zone. No need to think about post-infections or no need to deal with endpoint integrations .
Checkpoint Endpoint- Most Effective Endpoint blade within one Software.
What do you like best about the product?
It is a one-stop shop for Endpoint protection—features minimal zero-day threats, full disk encryption, Monitoring, and blocking malicious files. Filtering phishing emails is a modern-day threat under social engineering.
Centralized management, Minimal Zero day threats, FDE(Full Disk Encryption, blocking malicious files and mails.
Centralized management, Minimal Zero day threats, FDE(Full Disk Encryption, blocking malicious files and mails.
What do you dislike about the product?
The End user machine slowness due to consuming max of the CPU usage.
What problems is the product solving and how is that benefiting you?
Improve compliance & risk management, Improve business process outcomes, Improve customer relations/service
Defense against zero day attacks
What do you like best about the product?
Checkpoint Sandblast combines evasion resistance Threat Emulation, and Threat Extraction technology which detects and blocks Zero-day attacks, including CPU level.
Emulation is nothing but to detect signature which was previously unknown into checkpoint's virtual server environment knows as traditional sandbox technology, but its beyond that which makes more accurate and fastest response service.
Threat extraction is to sanitized the emails and downloaded file content from web browsers which leads to avoiding phishing emails.
Emulation is nothing but to detect signature which was previously unknown into checkpoint's virtual server environment knows as traditional sandbox technology, but its beyond that which makes more accurate and fastest response service.
Threat extraction is to sanitized the emails and downloaded file content from web browsers which leads to avoiding phishing emails.
What do you dislike about the product?
The onboarding process is simple but requires more CPU as emulation is a very CPU-intensive process, either on the cloud or on-premises.
Filtering real-time web browser traffic and emails that require more memory and devices sometimes stop responding to it.
Email gets stuck in quarantine which sometimes needs to involve the TAC team.
Filtering real-time web browser traffic and emails that require more memory and devices sometimes stop responding to it.
Email gets stuck in quarantine which sometimes needs to involve the TAC team.
What problems is the product solving and how is that benefiting you?
Attack prevention from previously undiscovered signatures, including zero-day attacks.
Sandblast defends against most devasting attacks, including ransomware, phishing attacks, trojan, etc.
Protection against malicious Email and web downloads.
Sandblast defends against most devasting attacks, including ransomware, phishing attacks, trojan, etc.
Protection against malicious Email and web downloads.
Recommendations to others considering the product:
It improves organization security by protecting against zero-day attacks.
NGFW solution doesn't come with Threat Emulation and Extraction blades, so always go for NGTX appliances and licenses.
Emulation always takes place via secured communication between Checkpoint Threat Cloud and gateways.
Onboarding process or 1st-time installation wizards gives easy installation, and default policies get applied.
NGFW solution doesn't come with Threat Emulation and Extraction blades, so always go for NGTX appliances and licenses.
Emulation always takes place via secured communication between Checkpoint Threat Cloud and gateways.
Onboarding process or 1st-time installation wizards gives easy installation, and default policies get applied.
Do not worry about zero day attack after Check Point SandBlast Network
What do you like best about the product?
SandBlast network secure our organization from zero day attack and make it safe from them for on-prem as well as roaming users.
What do you dislike about the product?
It is very good solution for protection against zeroday, no dislike.
What problems is the product solving and how is that benefiting you?
as we know thousand of new virus / malware is comming daily and our firewall, antivirus and other protection can never help us to protect again new or singature less malware / virus, and in this situation sandblast network help us to protect again this.
One Shop Stop for Endpoint Protection
What do you like best about the product?
Features such as FDE (Full Disk Encrytion), very high rate of Zero Day Threat catch, extraction/blocking malicious files and/or content after scanning the file and understanding the behaviour if the file was opened on the system in a virtual environment before it is shared to the end user,
Most important one is the Phishing emails which have become quite a normal norm before of work from home.
Most important one is the Phishing emails which have become quite a normal norm before of work from home.
What do you dislike about the product?
Many end machine resources are consumed by enabling the features, which is expected but can become a nuisance sometimes due to delay/slow performance.
What problems is the product solving and how is that benefiting you?
The main purpose of installing Sandblaast network along with Check POint NGFW is to achieve full security for network including the end point devices. It can be difficult at times for end users to understand what is malicious and what is not which if not taken care of can cause a lot of issues on both personal and organizational level. With installation of Check Point Sandblast, IT team is able to have a breather where a lot of work is automated by these features hence giving them the chance to work on the real big thing when it comes.
Zero-day treats protection
What do you like best about the product?
1. High rate of catching the zero-day advanced threats (I suppose due to the integrated AI-engine).
2. The Threat Extraction feature, when the suspicious document is converted to the other type/extension, which is harmless, like doc to pdf.
3. Very easy processes of the software blade activation and configuration.
4. In addition, Check Point SandBlast Network provides the protection against the phishing emails.
5. Good logging and reporting capabilities, on the level of other Check Point products.
6. Built-in compliance checks, with a reasonable set of the default regulations provided.
2. The Threat Extraction feature, when the suspicious document is converted to the other type/extension, which is harmless, like doc to pdf.
3. Very easy processes of the software blade activation and configuration.
4. In addition, Check Point SandBlast Network provides the protection against the phishing emails.
5. Good logging and reporting capabilities, on the level of other Check Point products.
6. Built-in compliance checks, with a reasonable set of the default regulations provided.
What do you dislike about the product?
Some users report the poor performance of the software, but I believe that is valid for every enpoint security solution with a rich set of functionality.
What problems is the product solving and how is that benefiting you?
The overall security of the environment has been greatly improved by the Check Point NGFWs with the SandBlast Network blade activated. Before implementing the Check Point solutions, we relied on the Cisco ACLs and Zone-Based firewalls configured on the switches and routers, which in fact a simple stateful firewall, and currently appear to be not an efficient solution for protecting from the advanced threats. The Check Point SandBlast Network software blade has increased the protection of our environment by enabling the Threat Emulation and Threat Extraction features. The first feature performs the sandboxing of the suspicious file types (over 70 file types may be emulated) in the Windows and MacOS virtual machines. The second feature works faster by just converting the files to the clean file of the PDF format thus deleting potentially dangerous Macroses, JavaScript Actions etc.
showing 1 - 10